Posts Tagged ‘Data Privacy’

Ask the data experts.

Tuesday, October 28th, 2008

New! (October 2008)

Following on from the continuing success of the “Who’s who in data” interview series, we have decided to allow you to ask the questions! Simply respond to this post using the standard comment option below and present your question in the comment. Provided the question is appropriate, we will publish it and ask it of an expert from the “Who’s who in data” interview series. The expert asked will be chosen based on the relevance of their experience and expertise to your question and their willingness to answer. The chosen expert may therefore be from a past, present or yet to be published interview.

The real benefit here is that information on this page will be provided in order of readers’ wishes rather than in the chronological interview order of the main “Who’s who in data” section.

Appropriate questions may be asked regarding any of the following.

Data protection, data management, data law, data backup, data security, data storage, data de-duplication, data technology, data privacy and, yes, you’ve got it: anything of relevance to the data industry.

Go ahead, all you have to do is ask! Click on comment and type your question.

UK voter data privacy.

Wednesday, August 27th, 2008

Voter data privacy: For all the wrong reasons.
The reasoning of those opposed to selling electoral data in the UK is a cause for concern. The overwhelming support amongst election officials for an outright ban on the sale of data is to be condoned. Their reasoning and motivations may not be in the spirit of data protection. Almost 99% of administrators polled are in favour of a ban on the sale of voter data to marketing companies. This is good news. A little scratching below the surface and we find that common reasons given were that there was not enough money in it and that it may prevent some people from voting. Surely the most important reason to refrain from selling voter data is to protect personal information.

There has been an opt-out option on English electoral forms since 2002, but things have moved on since then. An opt-in requirement is now the norm in some far less contentious data areas than the electoral register. Most people with an awareness of data protection would even see an opt-in as an infringement. A vote is a serious civic duty, and to add additional boxes for the benefit of private companies is an intrusion and presents a risk of confusion, possibly even affecting voter choice.

The Direct Marketing Association has claimed that since the majority of their members use the edited electoral list to confirm accuracy of existing detail that this could lead to more rather than less unwanted mail.

It is surely reasonable for voters to read from this that Direct Marketing Association members are therefore knowingly sending mail to inaccurate lists and resolving errors as new polling info becomes available. Surely the Government will not allow this to continue and will ban further sales of voter information, while increasing the oversight and sanction of organizations that continue to use mailing lists they are not 100% certain are accurate, and insisting that all lists are managed on an opt-in basis with a specifically limited usage period in force.

Online backup. A legally barren industry in an ever changing data law landscape

Saturday, July 26th, 2008

I visit the following websites frequently.

http://www.tjmcintyre.com/

http://www.tuppenceworth.ie/blog/

http://www.mulley.net/

Between them they range in content from academic law through technology and business to personal blog.

One theme they all feature (and with authority) is data protection. Specifically, this post is written as a consequence of ongoing articles and general media reports about ISP user data retention law.

Keeping this simple (for my benefit, not yours), the crux of this story is about Irish Internet service providers being forced to retain records of web traffic as it pertains to IP addresses, which in effect relate to clients.

We can all see the possible merits and great difficulties this presents. Used correctly, this could assist law enforcement. Overused or used improperly, this could result in dreadful encroachments on the data privacy of Internet users, notwithstanding actual harm as a consequence.

The Internet is (well was anyway) a place where people can seek answers to questions they would fear asking in public. It is also a place where people can enjoy personal relationships at all levels and of all types and where people commonly provide deeply personal information.

So what has this got to do with online backup? That is my question.

Big things happen in small steps. Here is what may seem an unlikely scenario but which must be considered. If ISP data is up for grabs, what about online backups?

Could law enforcement contact an online backup company and seek client data based on an investigation?

It doesn’t actually seem a stretch too far. After all, it has some strong resemblances to the ISP scenario. A business providing a service to clients has files (stop jumping up and down, we will deal with encryption soon) pertaining to a person being investigated by law enforcement. Law enforcement claim it is imperative they access this data, and ISP legislation has set a precedent giving them authority to request it. OK, I am oversimplifying it now, but you can see where this is going.

I don’t know if the client would even know or if the backup provider would have the right (never mind the obligation) to notify the client.

There is of course one stark technical difference, which is likely to offer a level of protection or difficulty depending on which side of this argument you are on, and that is encryption.

The online backup provider receives encrypted data from the client. The client should be the only person to whom the encryption code is available. The online backup service provider should not have access to the code and should not therefore be in a position to assist law enforcement.

There are some weaknesses here.

In short, encryption can be broken. It takes time, costs money and won’t always be cracked successfully. Also, any intended cracker, legitimate or otherwise, would need to have access to the encrypted data.

Despite the difficulties with cracking encryption and that it often fails, one has to conclude that encryption at the very best is not 100% safe.

We at backupanytime consider encryption to be a double-edged sword, in that it is used to protect client data but could, if a client is careless, lock them out.

It would appear that another edge may be added to the sword (let’s call it legal Gillette III), with law enforcement possibly at some point in the future having the right to attempt to hack client data.

Let’s take a closer look with a fictitious example:

Let’s say a client has lost their encryption code and the provider therefore has no complications with regard to the support request and can be absolutely confident that the correct thing to do is assist. The person requesting the data is proven to be the client, there is a contractual obligation to support them, and there are no objections from any other party.

If the client has just lost his code but his online backup server or workstation is still functional, then all he needs to do is change the code (prior code not required) from that system, as it will be authenticated by the backup server. This example (which is common) is not relevant to the discussion at hand, so we will examine a worst-case scenario.

A client has lost his encryption code (normally a sheet of paper) and has lost his key file (a small digital file which would suffice as an alternative), and the client’s local online backup server or workstation was completely destroyed before there was any opportunity, after losing the code, to change it.

That may seem unlikely but probability is a numbers game and you can be sure it has happened globally on many occasions.

So what next for Murphy?

Having established that there is no possibility of finding either the encryption code or the key file, and that said client computer cannot be found or repaired, there is only one option: a hack attempt. The client needs to sign an authorisation and a cryptologist needs to be hired. This cryptologist may be a third party or he may represent the software company which programmed the solution used by the service provider.

The cryptologist would normally be paid in advance because, given there can’t be a guarantee of success, his work is not gauged or charged on a results basis.

Next the client waits. A reasonable attempt (which is actually many million attempts) may take up to a week to succeed or fail, and a failed attempt could be considered block attempt number 1 of x in a scenario backed by an appropriate budget. As a guideline, your chances of succeeding should not be considered as greater than 50%.

This is reasonable as strong crack probabilities would only point to weak encryption. It would be easy, pointless and dangerous to implement poor encryption to allow for incompetence. No offence intended to any clients here. This is your data we are talking about so you want it to be treated with a level of strictness which is conducive to a quality service.

In summary

Online backup is a relatively new and unregulated industry (self or enforced), and therefore law pertaining to online backup (and I don’t know what I am talking about here) can only be taken from precedent and from similar or related industries.

ISPs are arguably in a similar industry, and the law requires them to make data (only of a particular type, which may be the real protection for online backup) available to law enforcement.

So here is what you need to do regarding encryption. Use the highest level available and mind your code where you and only you will find it.
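The model this post describes (the provider holds only encrypted data, and either the encryption code or the key file is needed to read it) can be sketched as follows. This is an added example, not backupanytime's software: the function names, the two-level key wrapping and the stdlib-only stand-in cipher (HMAC-SHA256 in counter mode, where a real product would use a vetted AEAD such as AES-GCM) are assumptions.

```python
import hashlib, hmac, os

def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode, stdlib only.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or tampered data")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def key_from_code(code, salt):
    # Slow derivation so each guess at the encryption code costs real work.
    return hashlib.pbkdf2_hmac("sha256", code.encode(), salt, 200_000)

def client_backup(data, code, key_file):
    """Runs on the client. The returned record is all the provider stores."""
    data_key, salt = os.urandom(32), os.urandom(16)
    return {
        "salt": salt,
        "key_wrapped_by_code": seal(key_from_code(code, salt), data_key),
        "key_wrapped_by_key_file": seal(key_file, data_key),
        "ciphertext": seal(data_key, data),
    }

def restore(record, code=None, key_file=None):
    """Needs the encryption code or the key file; the record alone is not enough."""
    if code is not None:
        data_key = unseal(key_from_code(code, record["salt"]), record["key_wrapped_by_code"])
    elif key_file is not None:
        data_key = unseal(key_file, record["key_wrapped_by_key_file"])
    else:
        raise ValueError("no encryption code and no key file")
    return unseal(data_key, record["ciphertext"])
```

With both the code and the key file gone, `restore` has nothing to unwrap the data key with, which is the worst-case scenario the post walks through.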

Blackberry Encryption update (India)

Wednesday, May 28th, 2008

The company behind Blackberry (Research In Motion) has informed the Indian Government (and the public) not only that it will not provide end user encryption keys for the advantage of law enforcement intelligence, but that it could not do this even if it wanted to.

The reason cited is that each user has her own encryption code, which Research In Motion do not have access to.

The Indian government first claimed their concern was that Blackberry devices in India communicate through servers outside of India (R.I.M. are based in Canada) and therefore the systems in India could be used by terrorists because the server was not subject to Indian law. Given, however, that the encryption is on an individual user basis and that the service provider cannot unlock the data, it would appear to make little difference where the server is located.

None of this negates the necessity for intelligence regarding major threats and the absolute requirement for those in Government to take a stand. The real issue here is that we have entered a technological era in which the implementation of new legal requirements will often create a complicated stalemate between what the Government want and what technology will make available to them.

It is absolutely reasonable for Blackberry to protect client data, and themselves from client data loss, by making the data undecryptable by Blackberry. The issue with encryption is that it has become reliable on a group level. In other words, an individual code may be cracked over time with expert assistance. The cracking of group or global passwords is becoming uncommon at the same rate as their usage.

In the business of online backup, an encryption model of the type used by Blackberry is exactly what users demand. They want the data to be safe if lost or stolen, and they want the encryption to be such that the service provider cannot read the data. Anything less today isn’t really encryption but a puzzle which will be broken by one person, with the answer then distributed to many.

Blackberry must continue to offer strong encryption or offer none at all. We are going the way of high level encryption on a global basis due to the disastrous effect of readable data loss on people and companies.

 
